Nmap Development mailing list archives

Re: 24-Hour Beta: Nmap 4.69BETA1


From: David Fifield <david () bamsoftware com>
Date: Sun, 7 Sep 2008 21:57:51 -0600

On Sun, Sep 07, 2008 at 08:30:40PM -0500, Alan Jones wrote:
> The nmap scan I originally did was
> nmap -v -A -reason -traceroute -sC <host>
>
> Note: I am running Windows with WinPcap (one a little newer than what comes
> with Nmap)
>
> on 4.68
> 64.13.134.52: guessing hop distance at 9
>
> TRACEROUTE (using port 22/tcp)
> HOP RTT   ADDRESS
> 1   1.00  home (192.168.x.xx)
> 2   14.00 adsl-70-xx-x-x.dsl.ltrkar.sbcglobal.net (70.232.xx.xxx)
> 3   14.00 dist2-vlan52.ltrkar.sbcglobal.net (76.253.179.34)
> 4   12.00 bb1-g1-0-2.ltrkar.sbcglobal.net (76.253.179.17)
> 5   29.00 151.164.189.80
> 6   29.00 asn6461-abovenet.eqchil.sbcglobal.net (151.164.251.46)
> 7   37.00 so-0-1-0.mpr1.ord2.us.above.net (64.125.30.146)
> 8   86.00 so-2-0-0.mpr1.sjc2.us.above.net (64.125.26.137)
> 9   79.00 so-4-0-0.mpr3.pao1.us.above.net (64.125.28.221)
> 10  83.00 metro0.sv.svcolo.com (208.185.168.173)
> 11  82.00 scanme.nmap.org (64.13.134.52)
>
>
> on 4.69beta 1 with the same scan I get a guess of 1 hop
> TRACEROUTE (using port 80/tcp)
> HOP RTT  ADDRESS
> 1   1.00 home (192.168.x.xxx)
> 2   1.00 scanme.nmap.org (64.13.134.52)

Yeah, it looks like your hop 2 is playing games with port 80. If you run

nmap -v -A -reason -traceroute -p 22 -sC <host>

the traceroute will work. The old traceroute code somewhat arbitrarily
chose port 22 for the trace and the new code somewhat less arbitrarily
chose port 80. It's not clear if anything can be done about it;
intermediate hosts could just as easily mess with port 22 traffic.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
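
The comparison made in the reply above can be automated when diagnosing this kind of result. The following is an added example, not code from Nmap or from anyone in this thread: it parses TRACEROUTE blocks in the format quoted in the message and reports any probe port whose trace reaches the same final address in fewer hops and with a far lower RTT than the longest trace, which is the pattern an intermediate device answering for the target produces. The function names and the `rtt_factor` threshold are assumptions made for illustration; the sample input is the output quoted in the message.

```python
import re

# Sample input: the two TRACEROUTE blocks quoted in the message above.
SAMPLE = """\
TRACEROUTE (using port 22/tcp)
HOP RTT   ADDRESS
1   1.00  home (192.168.x.xx)
2   14.00 adsl-70-xx-x-x.dsl.ltrkar.sbcglobal.net (70.232.xx.xxx)
3   14.00 dist2-vlan52.ltrkar.sbcglobal.net (76.253.179.34)
4   12.00 bb1-g1-0-2.ltrkar.sbcglobal.net (76.253.179.17)
5   29.00 151.164.189.80
6   29.00 asn6461-abovenet.eqchil.sbcglobal.net (151.164.251.46)
7   37.00 so-0-1-0.mpr1.ord2.us.above.net (64.125.30.146)
8   86.00 so-2-0-0.mpr1.sjc2.us.above.net (64.125.26.137)
9   79.00 so-4-0-0.mpr3.pao1.us.above.net (64.125.28.221)
10  83.00 metro0.sv.svcolo.com (208.185.168.173)
11  82.00 scanme.nmap.org (64.13.134.52)
TRACEROUTE (using port 80/tcp)
HOP RTT  ADDRESS
1   1.00 home (192.168.x.xxx)
2   1.00 scanme.nmap.org (64.13.134.52)
"""

HEADER = re.compile(r"TRACEROUTE \(using port (\d+)/\w+\)")
HOP = re.compile(r"(\d+)\s+(\d+(?:\.\d+)?)\s+(.+)")

def parse_traces(text):
    """Map probe port -> [(hop, rtt_ms, address), ...] for each TRACEROUTE block."""
    traces, hops = {}, None
    for line in map(str.strip, text.splitlines()):
        head, hop = HEADER.match(line), HOP.fullmatch(line)
        if head:
            hops = traces.setdefault(int(head.group(1)), [])
        elif hop and hops is not None:
            hops.append((int(hop.group(1)), float(hop.group(2)), hop.group(3)))
        elif line and not line.startswith("HOP"):
            hops = None  # any other text ends the current block
    return traces

def short_paths(traces, rtt_factor=5.0):
    """Ports reaching the longest trace's final address in fewer hops, far faster."""
    ref = max(traces.values(), key=len, default=[])
    return [(port, len(hops), len(ref))
            for port, hops in traces.items()
            if hops and len(hops) < len(ref) and hops[-1][2] == ref[-1][2]
            and hops[-1][1] * rtt_factor < ref[-1][1]]

if __name__ == "__main__":
    print(short_paths(parse_traces(SAMPLE)))
```

Each result tuple is (probe port, hops seen, hops in the longest trace); a hit means the trace for that port should be re-run against a different port before the hop count is trusted.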

